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DETAILED ACTION 

Applicant's Amendment filed 18 January 2008 is acknowledged. 
Claims 1-2, 6-13 and 15-24 have been amended. 

Claims 3-5 and 14 are cancelled. 

Claims 1- 2, 6-13 and 15-24 are pending in the present application. 
This action is made FINAL. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1,9-10, 13, 16-17, and 22 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Gullotta et al. (US 6985955 B2). 

Consider claims 1 and 16. Gullotta et al. discloses a computer implemented 
method for dynamically provisioning computing resources, said method comprising: 
receiving a request for a computing resource, wherein said request is associated with 
an asset; determining an asset classification of said asset, a business value of said 
asset, and a resource classification related to said asset (column 7 lines 45-52), 
wherein said asset classification is at least one of: a public asset, a business 
confidential asset, a private asset, and a secret asset, wherein said business value of 
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said asset is one of: a low value, a medium value, and a high value (column 18 lines 19- 
32), and wherein said resource classification is one of: a trusted classification for 
internal entities and a non-trusted classification for external entities (column 14 lines 3- 
18); and provisioning said computing resource based on said determining step (column 
5 lines 13-35, column 18 lines 34-46, column 1 1 lines 24-52, and column 12 lines 34- 
53). 

Consider claim 17. Gullotta et al. discloses a system configured to facilitate 
dynamically dynamic provisioning of computing resources (column 13 lines 5-18), said 
system comprising including a provisioning engine configured to: receive a request for a 
computing resource, wherein said request is associated with an asset, determine an 
asset classification, a business value of said asset, and a resource classification related 
to said asset based upon input from a manager component, wherein said asset 
classification is at least one of: a public asset, a business confidential asset, a private 
asset, and a secret asset, wherein said business value of said asset is one of: a low 
value, a medium value, and a high value, and wherein said resource classification is 
one of: a trusted classification for internal entities and a non-trusted classification for 
external entities; and internal entities and a non-trusted classification for external 
entities; and provision said computing resource based on said determining step (column 
5 lines 13-35, column 18 lines 34-46, column 11 lines 24-52, and column 12 lines 34- 
53). 

Consider claim 9, as applied to claim 1 . Gullotta et al. discloses a method 
comprising de-provisioning said computing resource (column 9 lines 47-54). 
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Consider claim 10, as applied to claim 1 . Gullotta et al. discloses a method 
comprising de-provisioning said computing resource when said computing resource is 
no longer needed by said asset (column 9 lines 47-54). 

Consider claim 13, as applied to claim 1 . Gullotta et al. discloses a method 
comprising including defining which processes may be suspended if said asset requires 
an additional computing resource (column 20 lines 23-31). 

Consider claim 22, as applied to claim 17. Gullotta et al. discloses a method 
comprising including a configuration manager instruction module (column 15 line 60 - 
column 16 line 8) configured to identify which processes may be suspended if an asset 
requires additional computing -■^resource (column 20 lines 23-31). 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of ttie prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 
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This application currently names joint inventors. In considering patentability of the 
claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various 
claims was commonly owned at the time any inventions covered therein were made absent any 
evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1 .56 to point out 
the inventor and invention dates of each claim that was not commonly owned at the time a later 
invention was made in order for the examiner to consider the applicability of 35 U.S.C. 1 03(c) 
and potential 35 U.S.C. 102(e), (f) or (g) prior art under 35 U.S.C. 103(a). 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Hartsell et al. (20020174227). 

Consider claim 2, as applied to claim 1 . Gullotta et al. discloses a computer 
implemented method for dynamically provisioning computing resources. However, 
Gullotta et al., fails to disclose a method including determining a data classification of 
said asset. Hartsell et al. discloses a method including determining a data classification 
of said asset (("It will be understood that in the delivery of differentiated services using 
the disclosed systems and methods, including those illustrated in FIGS. 9A-9D, any 
packet classification technology (e.g., WAN packet classification technology) that is 
suitable for classifying or differentiating packets of data may be employed to enable 
such delivery of differentiated services. Such technologies may be employed to allow 
the disclosed systems and methods to read incoming packet markings/labels 
representative of one or more policy-indicative parameters associated with information 
management policy (e.g., class identification parameters, etc.), to allow the disclosed 
systems and methods to mark or tag outgoing packets with markings/labels 
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representative of one or more policy-indicative parameters associated with information 
management policy, or a combination thereof. With regard to packet classification 
technologies, the disclosed differentiated service functionalities may be implemented 
using principals that are compatible with, or that apply to, any suitable types of layer two 
through layer seven packet classification technologies including, but not limited to, 
Ethernet 802.1 P/Q, Diffserv, IPv6, MPLS, Integrated Services (RSVP, etc.), ATM QoS, 
etc. In one embodiment, the disclosed systems and methods may be advantageously 
enabled to perform such packet classification functionalities by virtue of the presence 
and functionality of a network interface processing engine as is described in relation to 
FIGS. 1A and 2 herein.") paragraph 0281). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including determining a data 
classification of said asset as taught by Hartsell et al. with a computer implemented 
method for dynamically provisioning computing resources as taught by Gullotta et al. for 
the purpose of QoS provisioning. 

Claims 6-8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gullotta et al. (US 6985955 B2) in further view of Steegmans (US 6799216 B2). 

Consider claims 6-8, as applied to claim 1. Gullotta et al. discloses a computer 
implemented method for dynamically provisioning computing resources. However, 
Gullotta et al., fails to disclose a method including assigning assets to at least one of a 
plurality of security domains based on an outcome of a determining step, wherein each 
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security domain respectively includes a different degree of security control. Steegmans 
discloses a method including assigning assets to at least one of a plurality of security 
domains, wherein each security domain includes a different degree of security controls 
(("It is also advantageous that the domain manager manages all the resources required 
by internet connections within the domain to which it is assigned. This permits the 
dynamic assignment of network resources to users, as well as the implementation of 
security checks and charge metering for these resources.") column 2 lines 39-44). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including assigning assets to 
at least one of a plurality of security domains, wherein each security domain includes a 
different degree of security controls as taught by Steegmans with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of dynamic security provisioning. 

Claim 11 and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gullotta et al. (US 6985955 B2) in further view of Torres et al. (US 20050043961 Al ) 
and in further view of Benfield et al. (US 20030009540 Al ). 

Consider claims 11 and 23, as applied to claims 1 and 17, respectively. Gullotta 
et al. discloses a computer implemented method for dynamically provisioning computing 
resources. However, Gullotta et al. fails to disclose a method comprising verifying 
software of at least one of an internal client and external client. Torres et al. discloses a 
method comprising verifying software of at least one of an internal client and external 
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client (("Tlie present invention is enterprise software tliat provides a configurable, plug- 
and-play solution that will search, analyze, and operate on transactional and historical 
data in real-time across remote and disparate databases. The software has the unique 
ability to discover similarities and non-obvious relationships in data in real-time and 
apply the results of data analysis to an operational environment. It has a flexible 
framework for building a variety of applications that can be configured based on 
application requirements. Using an open API, the framework enables organizations to 
easily incorporate multiple technologies, analytics, software components, and both 
internal and external data sources. The system performs tasks such as decision 
automation, transaction processing, and extraction of knowledge from data sources. It 
can provide the following capabilities: search, analyze, and operate on both 
transactional and historical data in remote, disparate databases; uncover non-obvious 
relationships; find similarities as well as exact matches; apply analytical results in an 
operational environment; easily interoperate with other enterprise applications; combine 
the results from several different analytics to produce one comprehensive score; search 
and process large amounts of data in real-time; protect data ownership by using remote 
search; ensure technology investment due to the ability to easily update and expand the 
system; operate in serial and parallel environments; protect privacy by returning scores 
instead of actual data; operate on data with different data types, platforms, and formats; 
produce a complete audit trail for all search and analytical results; and quickly and 
easily incorporates multiple analytics, software components, and internal and external 
data sources. The invention enables more accurate and informed decisions; streamlines 
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operational processes; increases efficiencies and reduces operational costs; transforms 
data in real-time into useful and useable information; improves customer service and 
customer interaction; and drives more profitable relationships with customers. It may be 
used in business-critical applications including employee background checks, risk 
assessment, fraud detection, data mining, alias identification, market analysis, and 
customer identification. Modular software components provide unique analytical 
capabilities such as link analysis, fuzzy search, similarity scoring and classifications, 
and rules processing as well as a complete decision audit trail. The invention also 
accepts and Integrates third party analytics and software components.") paragraph 
0020). Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including verifying software of 
at least one of an internal client and external client as taught by Torres et al. with a 
computer Implemented method for dynamically provisioning computing resources as 
taught by Gullotta et al. for the purpose of application-aware provisioning. However, 
Gullotta et al., as modified by Torres et al., fails to disclose a method of taking Inventory 
of an internal and an external network. Benfield et al. discloses a method of taking 
Inventory of an Internal and an external network (("While firewalls may prevent certain 
entitles from obtaining Information from the protected internal network, firewalls may 
also present a barrier to the operation of legitimate, useful processes. For example, In 
order to ensure a predetermined level of service, benevolent processes may need to 
operate on both the external network and the protected internal network; a customer 
system is more efficiently managed if the management software can dynamically detect 
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and dynamically configure hardware resources as they are installed, rebooted, etc. 
Various types of discovery processes, status polling, status gathering, etc., may be 
used to get information about the customer's large, dynamic, distributed processing 
system. This information is then used to ensure that quality-of-service guarantees to the 
customer are being fulfilled. However, firewalls might block these system processes, 
especially discovery processes.") paragraph 0202). 

Therefore it would have been obvious to a person of ordinary skill in the art at the 
time the invention was made to incorporate a method of taking inventory of an internal 
and an external network as taught by Benfield with a method including verifying 
software of at least one of an internal client and external client and a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al., as modified by Torres et al., for the purpose of identity management. 

Claims 12 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullotta et al. (US 6985955 B2) in further view of Oren et al. (US 20030145093 
Al). 

Consider claims 12 and 21, as applied to claims 1 and 17, respectively. Gullotta 
et al. discloses a computer implemented method for dynamically provisioning computing 
resources. However, Gullotta et al. fails to disclose a method comprising an instruction 
module configured to apply encryption to asset data based on said asset classification. 
Oren et al. discloses a method comprising applying encryption to asset data based on 
said asset classification (("According to optional but preferred embodiments of the 
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present invention, system 10 also features an information security system for encrypting 
and/or authenticating classified data defined by the user before transmitting such data 
from peer device 12 of the user. Client module 14 is preferably able to manage renewed 
sets of security keys which are downloaded from central location authority, and 
particularly from a server which acts as the certificate authority of system 10.") 
paragraph 0083). 

Therefore, It would have been obvious for a person of ordinary skill In the art at 
the time the invention was made to incorporate a method including applying encryption 
to asset data based on said asset classification as taught by Oren et al. with a computer 
Implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of thin provisioning and data classification. 

Claim 15 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Grannon (US 20050010671 Al ). 

Consider claim 15, as applied to claim 1. Gullotta et al. discloses a computer 
implemented method for dynamically provisioning computing resources. However, 
Gullotta et al. fails to disclose a method comprising storing policies regarding 
processing assets when computing resources are limited due to a failure of at least one 
of software and hardware. Grannon discloses a method comprising storing policies 
regarding processing assets when computing resources are limited due to a failure of at 
least one of software and hardware (("For purposes of illustration and example, the 
MMS software 188 configures itself to be a slave server for redundancy within the 
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premises in response to detecting an existing MiVIS module (namely the MMS software 
120) in another device (namely the personal computer 110). Thus, while the MMS 
software 120 in the personal computer 1 10 is functioning properly and providing server 
functions, the STB 180 functions as an MMC device. However, the STB 180 keeps a 
copy of media asset and device profile tables to account for which media files are stored 
on all of the devices and how associated memory across the devices is allocated. The 
STB 1 80 keeps the tables in order to take over as the MMS if the personal computer 
1 10 should fail. Also for redundancy purposes, the MMS software 120 can manage data 
replication across multiple devices to ensure that identical pieces of data are stored on 
different devices.") paragraph 0026). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including storing policies 
regarding processing assets when computing resources are limited due to failures of at 
least one of software and hardware as taught by Grannon with a computer implemented 
method for dynamically provisioning computing resources as taught by Gullotta et al. for 
the purpose of application-aware storage. 

Claim 18 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Tredoux et al. (US 20020161904 Al). 

Consider claim 18, as applied to claim 17. Gullotta et al. discloses a computer 
implemented method for dynamically provisioning computing resources. However, 
Gullotta et al. fails to disclose a system comprising a server configured to communicate 
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with at least one of an internal and external client. Tredoux et al. discloses a system 
comprising a server configured to communicate with at least one of an internal and 
external client (("No assumptions need be rendered regarding the network protocol 
used by the external network device client to communicate with the internal network 
device and/or (hidden )server on the protected network. All network traffic, for example 
TCP/IP traffic, is tunneled by the proxy agent 240 through the exemplary HTTP 
connection between the proxy agent 240 and the external proxy server 250, and there is 
generally no need for them to alter this data, with some notable exceptions. Certain 
protocols can require special treatment, particularly HTTP itself. The use of embedded 
hyperlinks in HTML pages implies that a client may be redirected by a link to an 
inaccessible URL hidden behind the security device/firewall 20, away from the external 
proxy server 250 which enables its access to the hidden network. To prevent or 
minimize such undesirable redirection, a web browser / external device 230 can be 
configured (through standard browser settings) to use the external proxy server 250 as 
a true HTTP proxy server, using the local port on the server described above. This 
ensures that all HTTP requests are forwarded intact and uninterpreted to the external 
proxy server 250, which passes those requests to the proxy agent 240. The agent 240 
retrieves the requested URLs, which are directly accessible to it since it is behind the 
firewall 20.") paragraph 0033). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a server configured 
to communicate with at least one of an internal and external client as taught by Tredoux 
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et al. with a computer implemented method for dynamically provisioning computing 
resources as taught by Gullotta et al. for the purpose of class-based provisioning. 

Claims 19 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullotta et al. (US 6985955 B2) in further view of Elliot et al. (US 20020064149 
Al). 

Consider claims 19 and 24, as applied to claim 17. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al. fails to disclose a system comprising a domain database 
configured to store domain rules and policies. Elliot et al. discloses a system comprising 
a domain database configured to store domain rules and policies (("Data recovery of 
failed databases is needed in real time.") paragraph 0757 ("Data Administration 
(dbAdmin) 2238 involves setting data policy, managing the logical and physical aspect 
of the databases, and securing and configuhng the functional components of the Data 
Management 2138 domain. Data Management policies include security, distribution, 
integrity rules, performance requirements, and control of replications and partitions. 
dbAdmin 2238 includes the physical control of data resources such as establishing data 
locations, allocating physical storage, allocating memory, loading data stores, optimizing 
access paths, and fixing database problems. dbAdmin 2238 also provides for logical 
control of data such as auditing, reconciling, migrating, cataloguing, and converting 
data.") paragraph 1002). 
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Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a domain database 
configured to store domain rules and policies as taught by Elliot et al. with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of a classification database. 

Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Baba et al. (US 200601 68253 Al ). 

Consider claim 20, as applied to claim 17. Gullotta et al. discloses a computer 
implemented method for dynamically provisioning computing resources. However, 
Gullotta et al. fails to disclose a system comprising a connection manager configured to 
direct at least one of an internal client and external client to comply with software 
requirements. Baba et al. discloses a system comprising a connection manager 
configured to direct at least one of an internal client and external client to comply with 
software requirements (("An application gateway 110 having a firewall function of 
limiting accesses from devices connected to the external network 120 is provided 
between the external network 120 and the internal network constituted of the home 
network 100. The application gateway checks a communication packet in an application 
layer upon receiving an access request from the external network so as to perform 
filtering.") paragraph 0097). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a connection 
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manager configured to direct at least one of an internal client and external client to 
comply with software requirements as taught by Baba et al. with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of class-based provisioning. 

Response to Arguments 

In response to Applicant's arguments filed 18 January 2008; 

Applicant asserts that Gullotta et al. fails to disclose a security value of an asset, 
a business value of an asset, dynamic provisioning, or trust policies. Examiner 
respectfully disagrees. Gullotta et al. discloses a security value of an asset (Gullotta et 
al., column 18 lines 19-32), a business value of an asset (Gullotta et al., column 7 lines 
45-52), dynamic provisioning (Gullotta et al., column 13 lines 5-18), and trust policies 
(Gullotta et al., column 14 lines 3-18). 

Applicant asserts that Gullotta et al., as modified by Steegmans, fails to disclose 
a security domain assigned to an asset. Examiner respectfully disagrees. Gullotta et al., 
as modified by Steegmans, discloses a security domain assigned to an asset (Gullotta 
et al., column 15 line 60 - column 16 line 8). 

Applicant asserts that Gullotta et al., as modified by Baba et al., fails to disclose 
an instruction module. Examiner respectfully disagrees. Gullotta et al., as modified by 
Baba et al., discloses an instruction module (Gullotta et al., column 15 line 60 - column 
16 line 8). 
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Applicant asserts that Gullotta et a!., as modified by Elliot et al., fails to disclose a 
policy for hardware and software failures. Examiner respectfully disagrees. Gullotta et 
al., as modified by Elliot et al., discloses a policy for hardware and software failures 
(Elliot et al., paragraphs 0722, 0757, 0792 and 1083). 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any response to this Office Action should be faxed to (571 ) 273-8300 or mailed 

to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 



Hand-delivered responses should be brought to 
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Customer Service Window 
Randolph Building 
401 Dulany Street 
Alexandria, VA 22314 

Any inquiry concerning this communication or earlier communications from the 
Examiner should be directed to Mark Fearer whose telephone number is (571) 270- 
1770. The Examiner can normally be reached on Monday-Thursday from 7:30am to 
5:00pm. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Nathan Flynn can be reached on (571) 272-1915. The fax phone number for 
the organization where this application or proceeding is assigned is (571) 273- 
8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more Information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free) or 571-272-4100. 

Any Inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist/customer service whose telephone 
number is (571)272-2600. 
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